25 matches found
CVE-2026-34540
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow HBO in icMemDump when iccDumpProfile attempts to dump/describe malformed tag contents. The issue is observable under...
CVE-2026-34540
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow HBO in icMemDump when iccDumpProfile attempts to dump/describe malformed tag contents. The issue is observable under...
CVE-2026-34540
The CVE concerns iccDEV ICC color management libraries. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow in icMemDump() when iccDumpProfile tries to dump/malformed tag contents. The out-of-bounds read is observed under AddressSanitizer in icMemDump(...) at IccPro...
PT-2026-29388
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow HBO in icMemDump when iccDumpProfile attempts to dump/describe malformed tag contents. The issue is observable under...
SUSE CVE-2026-28418
Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...
ALPINE-CVE-2026-28418
Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...
ALPINE-CVE-2026-28419
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
DEBIAN-CVE-2026-28419
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
UBUNTU-CVE-2026-28418
Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...
CVE-2026-28419 Vim has Heap-based Buffer Underflow in Emacs tags parsing
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
CVE-2026-28419 Vim has Heap-based Buffer Underflow in Emacs tags parsing
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
CVE-2026-28419
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
CVE-2026-28418
Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...
CVE-2026-28418
Vim (before 9.2.0074) is affected by a heap-based buffer overflow in the Emacs-style tags file parser. When processing a malformed tags file, Vim can read up to 7 bytes beyond the allocated memory boundary due to out-of-bounds reads. The issue is fixed in Vim version 9.2.0074. No exploitation det...
CVE-2026-28418 Vim has Heap-based Buffer Overflow in Emacs tags parsing
Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...
EUVD-2005-2784
Malware in sbrugna...
CVE-2024-45516
An issue was discovered in Zimbra Collaboration ZCS 9.0.0 before Patch 43, 10.0.x before 10.0.12, 10.1.x before 10.1.4, and 8.8.15 before Patch 47. A Cross-Site Scripting XSS vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary JavaScript within the user's session,...
Allocation of Resources Without Limits or Throttling
Overview markdownify is a Convert HTML to markdown. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when processing malformed HTML tags. An attacker can cause excessive memory consumption by causing heading tags with very large values to be...
gstreamer-plugins-good: integer overflow leading to heap overwrite in FLAC image tag handling
A heap-based buffer overflow vulnerability was found in the FLAC parser in GStreamer. This issue occurs when processing malformed image tags, which could allow a malicious third party to induce a crash in the application and potentially execute code by manipulating the heap...
expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...